NVD Dashboard
CVEs Received and Processed
Time Period | New CVEs Received by NVD | New CVEs Analyzed by NVD | Modified CVEs Received by NVD | Modified CVEs Re-analyzed by NVD |
---|---|---|---|---|
Today | {{data.count}} | |||
This Week | {{data.count}} | |||
This Month | {{data.count}} | |||
Last Month | {{data.count}} | |||
This Year | {{data.count}} |
CVE Status Count
{{data.name}} | {{data.count}} |
NVD Contains
CVE Vulnerabilities | 247514 |
Checklists | 787 |
US-CERT Alerts | 249 |
US-CERT Vuln Notes | 4486 |
OVAL Queries | 10286 |
CPE Names | 1266177 |
CVSS V3 Score Distribution
Severity | Number of Vulns |
---|---|
{{data.name}} | {{data.count}} |
CVSS V2 Score Distribution
Severity | Number of Vulns |
---|---|
{{data.name}} | {{data.count}} |
For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.
-
CVE-2024-4071 - A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and classified as critical. This issue affects some unknown processing of the file prodInfo.php. The manipulation of the argument prodId leads to sql injection.... read CVE-2024-4071
Published: April 23, 2024; 6:15:07 PM -0400V3.1: 8.8 HIGH
-
CVE-2024-4072 - A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. It has been classified as problematic. Affected is an unknown function of the file search.php. The manipulation of the argument txtSearch leads to cross site s... read CVE-2024-4072
Published: April 23, 2024; 7:15:49 PM -0400V3.1: 5.4 MEDIUM
-
CVE-2024-29472 - OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Privilege Management module.
Published: March 20, 2024; 5:15:32 PM -0400V3.1: 5.4 MEDIUM
-
CVE-2024-29471 - OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Notice Manage module.
Published: March 20, 2024; 5:15:32 PM -0400V3.1: 5.4 MEDIUM
-
CVE-2022-34311 - IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser to gain access to the user's session due to insufficiently protected credentials. IBM X-Force ID: 229446.
Published: February 12, 2024; 2:15:09 PM -0500V3.1: 4.3 MEDIUM
-
CVE-2022-34309 - IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229440.
Published: February 12, 2024; 2:15:08 PM -0500V3.1: 7.5 HIGH
-
CVE-2023-39683 - Cross Site Scripting (XSS) vulnerability in EasyEmail v.4.12.2 and before allows a local attacker to execute arbitrary code via the user input parameter(s). NOTE: Researcher claims issue is present in all versions prior and later than tested version.
Published: February 09, 2024; 2:15:59 AM -0500V3.1: 6.1 MEDIUM
-
CVE-2024-26584 - In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can retu... read CVE-2024-26584
Published: February 21, 2024; 10:15:09 AM -0500V3.1: 5.5 MEDIUM
-
CVE-2023-52455 - In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region... read CVE-2023-52455
Published: February 23, 2024; 10:15:08 AM -0500V3.1: 7.8 HIGH
-
CVE-2023-52456 - In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TX_EN pin. ... read CVE-2023-52456
Published: February 23, 2024; 10:15:08 AM -0500V3.1: 5.5 MEDIUM
-
CVE-2023-52457 - In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error ... read CVE-2023-52457
Published: February 23, 2024; 10:15:08 AM -0500V3.1: 7.8 HIGH
-
CVE-2023-52460 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference at hibernate During hibernate sequence the source context might not have a clk_mgr. So don't use it to look for DML2 support.
Published: February 23, 2024; 10:15:08 AM -0500V3.1: 5.5 MEDIUM
-
CVE-2022-48655 - In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interf... read CVE-2022-48655
Published: April 28, 2024; 9:15:07 AM -0400V3.1: 7.8 HIGH
-
CVE-2022-48658 - In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context. Commit 5a836bf6b09f ("mm: slub: move flush_cpu_slab() invocations __free_slab() invocations out of IRQ ... read CVE-2022-48658
Published: April 28, 2024; 9:15:07 AM -0400V3.1: 7.8 HIGH
-
CVE-2022-48659 - In the Linux kernel, the following vulnerability has been resolved: mm/slub: fix to return errno if kmalloc() fails In create_unique_id(), kmalloc(, GFP_KERNEL) can fail due to out-of-memory, if it fails, return errno correctly rather than trigg... read CVE-2022-48659
Published: April 28, 2024; 9:15:07 AM -0400V3.1: 5.5 MEDIUM
-
CVE-2022-48660 - In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully When running gpio test on nxp-ls1028 platform with below command gpiomon --num-events=3 --rising-edge gpi... read CVE-2022-48660
Published: April 28, 2024; 9:15:07 AM -0400V3.1: 5.5 MEDIUM
-
CVE-2022-48661 - In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: Fix potential resource leakage when register a chip If creation of software node fails, the locally allocated string array is left unfreed. Free it on error path.
Published: April 28, 2024; 9:15:07 AM -0400V3.1: 5.5 MEDIUM
-
CVE-2022-48662 - In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915_gem_context.link under ref protection i915_perf assumes that it can use the i915_gem_context reference to protect its i915->gem.contexts.list iter... read CVE-2022-48662
Published: April 28, 2024; 9:15:07 AM -0400V3.1: 7.8 HIGH
-
CVE-2024-20358 - A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary comman... read CVE-2024-20358
Published: April 24, 2024; 4:15:07 PM -0400V3.1: 6.7 MEDIUM
-
CVE-2024-20313 - A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerabil... read CVE-2024-20313
Published: April 24, 2024; 5:15:46 PM -0400V3.1: 7.4 HIGH